Mathis/allianceauth
1
0
Fork 0
mirror of https://gitlab.com/allianceauth/allianceauth.git synced 2025-12-18 23:05:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

Minor Documentation Update (#1019)

Browse Source 
Gunicorn needs to be run whilist in the folder for context, folder path is not enough
Correct static path, note to check nginx user
Capitalization of services and small typos
Service examples updated to their latest versions and download links
Expanded /var/www chowns for Nginx and Apache examples
Add in a troubleshooting note for no images being displayed (permissions issue) and gunicorn not execting (file path context)
Correct formatting. Reword a few parts. Remove "new in 1.15".
This commit is contained in:
Ariel Rin
2018-04-18 08:55:18 +10:00
committed by Adarnof
parent cd8bcfbbb5
commit 95f72c854d
27 changed files with 203 additions and 181 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
docs/installation/auth/allianceauth.md
View File

@@ -2,12 +2,12 @@
```eval_rst
.. tip::
If you are uncomfortable with linux permissions follow the steps below as the root user. Some commands do not behave the same when run with sudo.
If you are uncomfortable with Linux permissions follow the steps below as the root user. Some commands do not behave the same when run with sudo.
```
## Dependencies
Alliance Auth can be installed on any operating system. Dependencies are provided below for two of the most popular server platforms, Ubuntu and CentOS. To install on your favourite flavour of linux, identify and install equivalent packages to the ones listed here.
Alliance Auth can be installed on any operating system. Dependencies are provided below for two of the most popular server platforms, Ubuntu and CentOS. To install on your favourite flavour of Linux, identify and install equivalent packages to the ones listed here.
```eval_rst
.. hint::
@@ -31,7 +31,7 @@ CentOS:
### Database
It's recommended to use a database service instead of sqlite. Many options are available, but this guide will use MariaDB.
It's recommended to use a database service instead of SQLite. Many options are available, but this guide will use MariaDB.
Ubuntu:
@@ -60,7 +60,7 @@ CentOS:
```eval_rst
.. important::
CentOS: Make sure redis is running before continuing. ::
CentOS: Make sure Redis is running before continuing. ::
systemctl enable redis.service
systemctl start redis.service
@@ -104,7 +104,7 @@ Create a Python virtual environment and put it somewhere convenient (e.g. `/home
```eval_rst
.. warning::
The python3 command may not be available on all installations. Try a specific version such as python3.6 if this is the case.
The python3 command may not be available on all installations. Try a specific version such as ``python3.6`` if this is the case.
```
```eval_rst
@@ -117,14 +117,14 @@ Activate the virtualenv using `source /home/allianceserver/venv/auth/bin/activat
```eval_rst
.. hint::
Each time you come to do maintenance on your Alliance Auth installation, you should activate your virtual environment first. When finished, deactivate it with the 'deactivate' command.
Each time you come to do maintenance on your Alliance Auth installation, you should activate your virtual environment first. When finished, deactivate it with the ``deactivate`` command.
```
Ensure wheel is available with `pip install wheel` before continuing.
### Alliance Auth Project
You can install the library using `pip install allianceauth`. This will install Alliance Auth and all its python dependencies. You should also install gunicorn with `pip install gunicorn` before proceeding.
You can install the library using `pip install allianceauth`. This will install Alliance Auth and all its python dependencies. You should also install Gunicorn with `pip install gunicorn` before proceeding.
Now you need to create the application that will run the Alliance Auth install. Ensure you are in the allianceserver home directory by issuing `cd /home/allianceserver`.
@@ -153,13 +153,13 @@ And finally ensure the allianceserver user has read/write permissions to this di
### Gunicorn
To run the auth website a [WSGI Server](https://www.fullstackpython.com/wsgi-servers.html) is required. [Gunicorn](http://gunicorn.org/) is highly recommended for its ease of configuring. It can be manually run with `gunicorn myauth.wsgi` or automatically run using supervisor.
To run the auth website a [WSGI Server](https://www.fullstackpython.com/wsgi-servers.html) is required. [Gunicorn](http://gunicorn.org/) is highly recommended for its ease of configuring. It can be manually run from within your `myauth` base directory with `gunicorn --bind 0.0.0.0 myauth.wsgi` or automatically run using Supervisor.
The default configuration is good enough for most installations. Additional information is available in the [gunicorn](gunicorn.md) doc.
### Supervisor
[Supervisor](http://supervisord.org/) is a process watchdog service: it makes sure other processes are started automatically and kept running. It can be used to automatically start the WSGI server and celery workers for background tasks. Installation varies by OS:
[Supervisor](http://supervisord.org/) is a process watchdog service: it makes sure other processes are started automatically and kept running. It can be used to automatically start the WSGI server and Celery workers for background tasks. Installation varies by OS:
Ubuntu:
@@ -171,7 +171,7 @@ CentOS:
systemctl enable supervisord.service
systemctl start supervisord.service
Once installed it needs a configuration file to know which processes to watch. Your Alliance Auth project comes with a ready-to-use template which will ensure the celery workers, celery task scheduler and gunicorn are all running.
Once installed it needs a configuration file to know which processes to watch. Your Alliance Auth project comes with a ready-to-use template which will ensure the Celery workers, Celery task scheduler and Gunicorn are all running.
Ubuntu:
@@ -187,7 +187,7 @@ You can check the status of the processes with `supervisorctl status`. Logs from
```eval_rst
.. note::
Any time the code or your settings change you'll need to restart gunicorn and celery. ::
Any time the code or your settings change you'll need to restart Gunicorn and Celery. ::
supervisorctl restart myauth:
```
@@ -214,4 +214,4 @@ Some releases come with changes to settings: update your project's settings with
Some releases come with new or changed models. Update your database to reflect this with `python /home/allianceserver/myauth/manage.py migrate`.
Always restart celery and gunicorn after updating.
Always restart Celery and Gunicorn after updating.

4
docs/installation/auth/apache.md
View File

@@ -24,7 +24,7 @@ Apache needs to be able to read the folder containing your auth project's static
Apache serves sites through defined virtual hosts. These are located in `/etc/apache2/sites-available/` on Ubuntu and `/etc/httpd/conf.d/httpd.conf` on CentOS.
A virtual host for auth need only proxy requests to your WSGI server (gunicorn if you followed the install guide) and serve static files. Examples can be found below. Create your config in its own file eg `myauth.conf`.
A virtual host for auth need only proxy requests to your WSGI server (Gunicorn if you followed the install guide) and serve static files. Examples can be found below. Create your config in its own file e.g. `myauth.conf`
### Ubuntu
@@ -34,7 +34,7 @@ To proxy and modify headers a few mods need to be enabled.
a2enmod proxy_http
a2enmod headers
Create a new config file for auth eg `/etc/apache2/sites-available/myauth.conf` and fill out the virtual host configuration. To enable your config use `a2ensite myauth.conf` and then reload apache with `service apache2 reload`.
Create a new config file for auth e.g. `/etc/apache2/sites-available/myauth.conf` and fill out the virtual host configuration. To enable your config use `a2ensite myauth.conf` and then reload apache with `service apache2 reload`.
### CentOS

4
docs/installation/auth/gunicorn.md
View File

@@ -10,12 +10,12 @@ Check out the full [Gunicorn docs](http://docs.gunicorn.org/en/latest/index.html
```eval_rst
.. note::
If you're using a virtual environment (and I would encourage you to do so when hosting Alliance Auth), activate it now. `source /path/to/venv/bin/activate`.
If you're using a virtual environment, activate it now. ``source /path/to/venv/bin/activate``.
```
Install Gunicorn using pip, `pip install gunicorn`.
In your `myauth` base directory, try running `gunicorn --bind 0.0.0.0:8000 myauth.wsgi`. You should be able to browse to http://yourserver:8000 and see your Alliance Auth installation running. Images and styling will be missing, but dont worry, your web server will provide them.
In your `myauth` base directory, try running `gunicorn --bind 0.0.0.0:8000 myauth.wsgi`. You should be able to browse to http://yourserver:8000 and see your Alliance Auth installation running. Images and styling will be missing, but don't worry, your web server will provide them.
Once you validate its running, you can kill the process with Ctrl+C and continue.

17
docs/installation/auth/nginx.md
View File

@@ -1,6 +1,6 @@
# NGINX
## Overivew
## Overview
Nginx (engine x) is a HTTP server known for its high performance, stability, simple configuration, and low resource consumption. Unlike traditional servers (i.e. Apache), Nginx doesn't rely on threads to serve requests, rather using an asynchronous event driven approach which permits predictable resource usage and performance under load.
@@ -12,7 +12,7 @@ You can read more about NGINX on the [NGINX wiki](https://www.nginx.com/resource
If you're converting from Apache, here are some things to consider.
Nginx is lightweight for a reason. It doesn't try to do everything internally and instead concentrates on just being a good HTTP server. This means that, unlike Apache, it wont automatically run PHP scripts via mod_php and doesn't have an internal WSGI server like mod_wsgi. That doesn't mean that it can't, just that it relies on external processes to run these instead. This might be good or bad depending on your outlook. It's good because it allows you to segment your applications, restarting Alliance Auth wont impact your PHP applications. On the other hand it means more config and more management of services. For some people it will be worth it, for others losing the centralised nature of Apache may not be worth it.
Nginx is lightweight for a reason. It doesn't try to do everything internally and instead concentrates on just being a good HTTP server. This means that, unlike Apache, it won't automatically run PHP scripts via mod_php and doesn't have an internal WSGI server like mod_wsgi. That doesn't mean that it can't, just that it relies on external processes to run these instead. This might be good or bad depending on your outlook. It's good because it allows you to segment your applications, restarting Alliance Auth wont impact your PHP applications. On the other hand it means more config and more management of services. For some people it will be worth it, for others losing the centralised nature of Apache may not be worth it.
```eval_rst
+-----------+----------------------------------------+
@@ -25,13 +25,20 @@ Nginx is lightweight for a reason. It doesn't try to do everything internally an
```
Your .htaccess files wont work. Nginx has a separate way of managing access to folders via the server config. Everything you can do with htaccess files you can do with Nginx config. [Read more on the Nginx wiki](https://www.nginx.com/resources/wiki/start/topics/examples/likeapache-htaccess/)
Your .htaccess files won't work. Nginx has a separate way of managing access to folders via the server config. Everything you can do with htaccess files you can do with Nginx config. [Read more on the Nginx wiki](https://www.nginx.com/resources/wiki/start/topics/examples/likeapache-htaccess/)
## Setting up Nginx
Install Nginx via your preferred package manager or other method. If you need help just search, there are plenty of guides on installing Nginx out there.
Nginx needs to be able to read the folder containing your auth project's static files. On Ubuntu: `chown -R nginx:nginx /var/www/myauth/static`, and on CentOS: `chown -R nginx:nginx /var/www/myauth/static`
Nginx needs to be able to read the folder containing your auth project's static files. `chown -R nginx:nginx /var/www/myauth/static`.
```eval_rst
.. tip::
Some specific distros may use www-data:www-data instead of nginx:nginx, causing static files (images, stylesheets etc) not to appear. You can confirm what user Nginx will run under by checking either its base config file `/etc/nginx/nginx.conf` for the "user" setting, or once Nginx has started `ps aux | grep nginx`.
Adjust your chown commands to the correct user if needed.
..
```
You will need to have [Gunicorn](gunicorn.md) or some other WSGI server setup for hosting Alliance Auth.
@@ -57,7 +64,7 @@ server {
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
location /static {
alias /var/www/myauth/static;
autoindex off;
}

20
docs/installation/services/discord.md
View File

@@ -1,6 +1,8 @@
# Discord
## Overview
Discord is a web-based instant messaging client with voice. Kind of like teamspeak meets slack meets skype. It also has a standalone app for phones and desktop.
Discord is a web-based instant messaging client with voice. Kind of like TeamSpeak meets Slack meets Skype. It also has a standalone app for phones and desktop.
Discord is very popular amongst ad-hoc small groups and larger organizations seeking a modern technology. Alternative voice communications should be investigated for larger than small-medium groups for more advanced features.
## Setup
@@ -25,11 +27,7 @@ Navigate to the [Discord site](https://discordapp.com/) and register an account,
On the left side of the screen youll see a circle with a plus sign. This is the button to create a new server. Go ahead and do that, naming it something obvious.
Now retrieve the server ID from the URL of the page youre on. The ID is the first of the very long numbers. For instance my testing servers url look like:
https://discordapp.com/channels/120631096835571712/120631096835571712
with a server ID of `120631096835571712`
Now retrieve the server ID [following this procedure.](https://support.discordapp.com/hc/en-us/articles/206346498-Where-can-I-find-my-User-Server-Message-ID-)
Update your auth project's settings file, inputting the server ID as `DISCORD_GUILD_ID`
@@ -49,22 +47,22 @@ Update your auth project's settings file with these pieces of information from t
- From the App Bot Users panel, `DISCORD_BOT_TOKEN` is the Token
### Preparing Auth
Before continuing it is essential to run migrations and restart gunicorn and celery.
Before continuing it is essential to run migrations and restart Gunicorn and Celery.
### Adding a Bot to the Server
Once created, navigate to the services page of your AllianceAuth install as the superuser account. At the top there is a big green button labelled Link Discord Server. Click it, then from the drop down select the server you created, and then Authorize.
Once created, navigate to the services page of your Alliance Auth install as the superuser account. At the top there is a big green button labelled Link Discord Server. Click it, then from the drop down select the server you created, and then Authorize.
This adds a new user to your Discord server with a `BOT` tag, and a new role with the same name as your Discord application. Don't touch either of these. If for some reason the bot loses permissions or is removed from the server, click this button again.
To manage roles, this bot role must be at the top of the hierarchy. Edit your Discord server, roles, and click and drag the role with the same name as your application to the top of the list. This role must stay at the top of the list for the bot to work. Finally, the owner of the bot account must enable 2 Factor Authentication (this is required from discord for kicking and modifying member roles). If you are unsure what 2FA is or how to set it up, refer to [this support page](https://support.discordapp.com/hc/en-us/articles/219576828). It is also recommended to force 2fa on your server (this forces any admins or moderators to have 2fa enabled to perform similar functions on discord).
To manage roles, this bot role must be at the top of the hierarchy. Edit your Discord server, roles, and click and drag the role with the same name as your application to the top of the list. This role must stay at the top of the list for the bot to work. Finally, the owner of the bot account must enable 2 Factor Authentication (this is required from Discord for kicking and modifying member roles). If you are unsure what 2FA is or how to set it up, refer to [this support page](https://support.discordapp.com/hc/en-us/articles/219576828). It is also recommended to force 2FA on your server (this forces any admins or moderators to have 2fa enabled to perform similar functions on discord).
Note that the bot will never appear online as it does not participate in chat channels.
### Linking Accounts
Instead of the usual account creation procedure, for Discord to work we need to link accounts to AllianceAuth. When attempting to enable the Discord service, users are redirected to the official Discord site to authenticate. They will need to create an account if they don't have one prior to continuing. Upon authorization, users are redirected back to AllianceAuth with an OAuth code which is used to join the Discord server.
Instead of the usual account creation procedure, for Discord to work we need to link accounts to Alliance Auth. When attempting to enable the Discord service, users are redirected to the official Discord site to authenticate. They will need to create an account if they don't have one prior to continuing. Upon authorization, users are redirected back to Alliance Auth with an OAuth code which is used to join the Discord server.
### Syncing Nicknames
If you want users to have their Discord nickname changed to their in-game character name, set `DISCORD_SYNC_NAMES` to `True`
## Managing Roles
Once users link their accounts youll notice Roles get populated on Discord. These are the equivalent to Groups on every other service. The default permissions should be enough for members to chat and use comms. Add more permissions to the roles as desired through the server management window.
Once users link their accounts youll notice Roles get populated on Discord. These are the equivalent to Groups on every other service. The default permissions should be enough for members to use text and audio communications. Add more permissions to the roles as desired through the server management window.

14
docs/installation/services/discourse.md
View File

@@ -2,9 +2,9 @@
## Prepare Your Settings
In your auth project's settings file, do the following:
- Add `'allianceauth.services.modules.discourse',` to your `INSTALLED_APPS` list
- Add `'allianceauth.services.modules.discourse',` to your `INSTALLED_APPS` list
- Append the following to your local.py settings file:
# Discourse Configuration
DISCOURSE_URL = ''
@@ -35,7 +35,7 @@ Change the following:
- `DISCOUSE_HOSTNAME` should be `discourse.example.com` or something similar.
- Everything with `SMTP` depends on your mail settings. [There are plenty of free email services online recommended by Discourse](https://github.com/discourse/discourse/blob/master/docs/INSTALL-email.md#recommended-email-providers-for-discourse) if you haven't set one up for auth already.
To install behind apache/nginx, look for this section:
To install behind Apache/Nginx, look for this section:
...
## which TCP/IP ports should this container expose?
@@ -61,7 +61,7 @@ Uncomment this line:
DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4"
Restart docker:
Restart Docker:
service docker restart
@@ -74,7 +74,7 @@ Now build:
You will need to configure your web server to proxy requests to Discourse.
A minimal apache config might look like:
A minimal Apache config might look like:
<VirtualHost *:80>
ServerName discourse.example.com
@@ -82,7 +82,7 @@ A minimal apache config might look like:
ProxyPassReverse / http://0.0.0.0:7890/
</VirtualHost>
A minimal nginx config might look like:
A minimal Nginx config might look like:
server {
listen 80;
@@ -122,4 +122,4 @@ Navigate to `discourse.example.com` and log in. Back to the admin site, scroll d
Save, now set `DISCOURSE_SSO_SECRET` in your auth project's settings file to the secure key you just put in Discourse.
Finally run migrations and restart gunicorn and celery.
Finally run migrations and restart Gunicorn and Celery.

22
docs/installation/services/market.md
View File

@@ -1,7 +1,7 @@
# Alliance Market
## Dependencies
Alliance Market requires php installed in your web server. Apache has `mod_php`, NGINX requires `php-fpm`.
Alliance Market requires PHP installed in your web server. Apache has `mod_php`, NGINX requires `php-fpm`.
## Prepare Your Settings
In your auth project's settings file, do the following:
@@ -21,14 +21,14 @@ In your auth project's settings file, do the following:
}
## Setup Alliance Market
Alliance Market needs a database. Create one in mysql. Default name is `alliance_market`:
Alliance Market needs a database. Create one in MySQL/MariaDB. Default name is `alliance_market`:
mysql -u root -p
create database alliance_market;
grant all privileges on alliance_market . * to 'allianceserver'@'localhost';
exit;
To clone the repo, install packages:
Install required packages to clone the repository:
sudo apt-get install mercurial meld
@@ -36,7 +36,7 @@ Change to the web folder:
cd /var/www
Now clone the repo
Now clone the repository
sudo hg clone https://bitbucket.org/krojew/evernus-alliance-market
@@ -51,7 +51,7 @@ Change ownership to apache
sudo chown -R www-data:www-data evernus-alliance-market
Enter
Enter directory
cd evernus-alliance-market
@@ -67,7 +67,7 @@ Edit, changing the following:
- `database_name` to `alliance_market`
- `database_user` to your MySQL user (usually `allianceserver`)
- `database_password` to your MySQL user password
- email settings, eg gmail
- email settings, eg Gmail/Mailgun etc.
Edit `app/config/config.yml` and add the following:
@@ -101,7 +101,7 @@ Install SDE:
Configure your web server to serve alliance market.
A minimal apache config might look like:
A minimal Apache config might look like:
<VirtualHost *:80>
ServerName market.example.com
@@ -113,7 +113,7 @@ A minimal apache config might look like:
</Directory>
</VirtualHost>
A minimal nginx config might look like:
A minimal Nginx config might look like:
server {
listen 80;
@@ -121,11 +121,11 @@ A minimal nginx config might look like:
root /var/www/evernus-alliance-market/web;
index app.php;
access_log /var/logs/market.access.log;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/tmp/php.socket;
fastcgi_index index.php;
fastcgi_index app.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
@@ -141,4 +141,4 @@ Add a user account through auth, then make it a superuser:
Now edit your auth project's settings file and fill in the web URL to your market as well as the database details.
Finally run migrations and restart gunicorn and celery.
Finally run migrations and restart Gunicorn and Celery.

14
docs/installation/services/mumble.md
View File

@@ -4,13 +4,13 @@
In your auth project's settings file, do the following:
- Add `'allianceauth.services.modules.mumble',` to your `INSTALLED_APPS` list
- Append the following to your local.py settings file:
# Mumble Configuration
MUMBLE_URL = ""
## Overview
Mumble is a free voice chat server. While not as flashy as teamspeak, it has all the functionality and is easier to customize. And is better. I may be slightly biased.
Mumble is a free voice chat server. While not as flashy as TeamSpeak, it has all the functionality and is easier to customize. And is better. I may be slightly biased.
## Dependencies
The mumble server package can be retrieved from a repository we need to add, mumble/release.
@@ -35,11 +35,11 @@ REQUIRED: To enable the ICE authenticator, edit the following:
- `icesecretwrite=MY_CLEVER_PASSWORD`, obviously choosing a secure password
By default mumble operates on sqlite which is fine, but slower than a dedicated MySQL server. To customize the database, edit the following:
By default mumble operates on SQLite which is fine, but slower than a dedicated MySQL server. To customize the database, edit the following:
- uncomment the database line, and change it to `database=alliance_mumble`
- `dbDriver=QMYSQL`
- `dbUsername=allianceserver` or whatever you called the AllianceAuth MySQL user
- `dbUsername=allianceserver` or whatever you called the Alliance Auth MySQL user
- `dbPassword=` that users password
- `dbPort=3306`
- `dbPrefix=murmur_`
@@ -48,7 +48,7 @@ To name your root channel, uncomment and set `registerName=` to whatever cool na
Save and close the file (control + O, control + X).
To get mumble superuser account credentials, run the following:
To get Mumble superuser account credentials, run the following:
sudo dpkg-reconfigure mumble-server
@@ -85,9 +85,9 @@ The authenticator needs to be running 24/7 to validate users on Mumble. You shou
Note that groups will only be created on Mumble automatically when a user joins who is in the group.
## Making and Managing Channels
ACL is really above the scope of this guide. Once AllianceAuth creates your groups, go ahead and follow one of the wonderful web guides available on how to set up channel ACL properly.
ACL is really above the scope of this guide. Once Alliance Auth creates your groups, go ahead and follow one of the wonderful web guides available on how to set up channel ACL properly.
## Prepare Auth
In your project's settings file, set `MUMBLE_URL` to the public address of your mumble server. Do not include any leading `http://` or `mumble://`.
Run migrations and restart gunicorn and celery to complete setup.
Run migrations and restart Gunicorn and Celery to complete setup.

30
docs/installation/services/openfire.md
View File

@@ -1,6 +1,6 @@
# Openfire
Openfire is a jabber (XMPP) server.
Openfire is a Jabber (XMPP) server.
## Prepare Your Settings
- Add `'allianceauth.services.modules.openfire',` to your `INSTALLED_APPS` list
@@ -18,7 +18,7 @@
BROADCAST_SERVICE_NAME = "broadcast"
## Overview
Openfire is a java-based xmpp server (jabber).
Openfire is a Java-based XMPP server (Jabber).
## Dependencies
One additional package is required - openjdk8
@@ -35,24 +35,30 @@ CentOS:
## Setup
### Download Installer
Openfire is not available through repositories so we need to get a debian from the developer.
Openfire is not available through repositories so we need to get a package from the developer.
On your PC, naviage to the [Ignite Realtime downloads section](https://www.igniterealtime.org/downloads/index.jsp), and under Openfire select Linux, click on the debian file (2nd from bottom of list, ends with .deb).
On your PC, navigate to the [Ignite Realtime downloads section](https://www.igniterealtime.org/downloads/index.jsp), and under Openfire select Linux, click on the Ubuntu: Debian package (second from bottom of list, ends with .deb) or CentOS: RPM Package (no JRE bundled, as we have installed it on the host)
Retrieve the file location by copying the url from the “click here” link.
Retrieve the file location by copying the URL from the “click here” link, depending on your browser you may have a Copy Link or similar option in your right click menu.
In the console, ensure youre in your users home directory: `cd ~`
Now download the package. Replace the link below with the link you got earlier.
wget https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_4.1.1_all.deb
wget https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_4.2.3_all.deb
Now install from the debian. Replace the filename with your file name (the last part of the download url is the file name)
Now install from the package. Replace the filename with your filename (the last part of the download URL is the file name)
sudo dpkg -i openfire_4.1.1_all.deb
Ubuntu:
sudo dpkg -i openfire_4.2.3_all.deb
CentOS:
sudo yum install -y openfire-4.2.3-1.noarch.rpm
### Create Database
Performance is best when working from a SQL database. If you installed MySQL or MariaDB alongside your auth project, go ahead and create a database for openfire:
Performance is best when working from a SQL database. If you installed MySQL or MariaDB alongside your auth project, go ahead and create a database for Openfire:
mysql -u root -p
create database alliance_jabber;
@@ -62,7 +68,7 @@ Performance is best when working from a SQL database. If you installed MySQL or
### Web Configuration
The remainder of the setup occurs through Openfires web interface. Navigate to http://example.com:9090, or if youre behind CloudFlare, go straight to your servers IP:9090.
Select your language. I sure hope its english if youre reading this guide.
Select your language. I sure hope its English if youre reading this guide.
Under Server Settings, set the Domain to `example.com` replacing it with your actual domain. Dont touch the rest.
@@ -100,7 +106,7 @@ Select `Enabled`, and `Secret Key Auth`. Update your auth project's settings wit
Navigate to the `Users/Groups` tab and select `Create New User` from the left navigation bar.
Pick a username (eg `broadcast`) and password for your ping user. Enter these in your auth project's settings file as `BROADCAST_USER` and `BROADCAST_USER_PASSWORD`. Note that `BROADCAST_USER` needs to be in the format `user@example.com` matching your jabber server name. Press `Create User` to save this user.
Pick a username (e.g. `broadcast`) and password for your ping user. Enter these in your auth project's settings file as `BROADCAST_USER` and `BROADCAST_USER_PASSWORD`. Note that `BROADCAST_USER` needs to be in the format `user@example.com` matching your jabber server name. Press `Create User` to save this user.
Broadcasting requires a plugin. Navigate to the `plugins` tab, press the green plus for the `Broadcast` plugin.
@@ -117,7 +123,7 @@ If you have troubles getting broadcasts to work, you can try setting the optiona
### Preparing Auth
Once all settings are entered, run migrations and restart gunicorn and celery.
Once all settings are entered, run migrations and restart Gunicorn and Celery.
### Group Chat
Channels are available which function like a chat room. Access can be controlled either by password or ACL (not unlike mumble).

8
docs/installation/services/permissions.md
View File

@@ -1,14 +1,10 @@
# Service Permissions
```eval_rst
.. note::
New in 1.15
```
In the past, access to services was dictated by a list of settings in `settings.py`, granting access to each particular service for Members and/or Blues. This meant that granting access to a service was very broad and rigidly structured around these two states.
## Permissions based access
Instead of granting access to services by the previous rigid structure, access to services is now granted by the built in Django permissions system. This means that service access can be more granular, allowing only certain groups, for instance Corp CEOs, or even individual user access to each enabled service.
Instead of granting access to services by the previous rigid structure, access to services is now granted by the built in Django permissions system. This means that service access can be more granular, allowing only certain states, certain groups, for instance Corp CEOs, or even individual user access to each enabled service.
```eval_rst
.. important::
@@ -34,4 +30,4 @@ If a user no longer has permission to access the service when this permissions c
### Disabling user accounts
When you unset a user as active in the admin panel, all of that users service accounts will be immediately disabled or removed. This is due to the built in behaviour of Djangos permissions system, which will return False for all permissions if a users account is disabled, regardless of their actual permissions state.
When you unset a user as active in the admin panel, all of that users service accounts will be immediately disabled or removed. This is due to the built in behaviour of the Django permissions system, which will return False for all permissions if a users account is disabled, regardless of their actual permissions state.

37
docs/installation/services/phpbb3.md
View File

@@ -1,12 +1,10 @@
# phpBB3
and run migrations before continuing with this guide to ensure the service is installed.
## Overview
phpBB is a free php-based forum. Its the default forum for AllianceAuth.
phpBB is a free PHP-based forum.
## Dependencies
PHPBB3 requires php installed in your web server. Apache has `mod_php`, NGINX requires `php-fpm`. See [the official guide](https://www.phpbb.com/community/docs/INSTALL.html) for php package requirements.
phpBB3 requires PHP installed in your web server. Apache has `mod_php`, NGINX requires `php-fpm`. See [the official guide](https://www.phpbb.com/community/docs/INSTALL.html) for PHP package requirements.
## Prepare Your Settings
In your auth project's settings file, do the following:
@@ -27,7 +25,7 @@ In your auth project's settings file, do the following:
## Setup
### Prepare the Database
Create a database to install phpbb3 in.
Create a database to install phpBB3 in.
mysql -u root -p
create database alliance_forum;
@@ -36,12 +34,12 @@ Create a database to install phpbb3 in.
Edit your auth project's settings file and fill out the `DATABASES['phpbb3']` part.
### Download Phpbb3
phpBB is available as a zip from their website. Navigate to the websites [downloads section](https://www.phpbb.com/downloads/) using your PC browser and copy the URL for the latest version zip.
### Download phpbb3
phpBB is available as a zip from their website. Navigate to the websites [downloads section](https://www.phpbb.com/downloads/) using your PC browser and copy the URL for the latest version zip. Depending on your browser you may have a Copy Link or similar option in your right click menu.
In the console, navigate to your users home directory: `cd ~`
Now download using wget, replacing the url with the url for the package you just retrieved
Now download using wget, replacing the URL with the URL for the package you just retrieved
wget https://www.phpbb.com/files/release/phpBB-3.2.2.zip
@@ -55,12 +53,19 @@ Now we need to move this to our web directory. Usually `/var/www/forums`.
The web server needs read/write permission to this folder
sudo chown -R www-data:www-data /var/www/forums
Apache: `sudo chown -R www-data:www-data /var/www/forums`
Nginx: `sudo chown -R nginx:nginx /var/www/forums`
```eval_rst
.. tip::
Nginx: Some distributions use the ``www-data:www-data`` user:group instead of ``nginx:nginx``. If you run into problems with permissions try it instead.
..
```
### Configuring Web Server
You will need to configure you web server to serve PHPBB3 before proceeding with installation.
A minimal apache config file might look like:
A minimal Apache config file might look like:
<VirtualHost *:80>
ServerName forums.example.com
@@ -71,7 +76,7 @@ A minimal apache config file might look like:
</Directory>
</VirtualHost>
A minimal nginx config file might look like:
A minimal Nginx config file might look like:
server {
listen 80;
@@ -79,16 +84,16 @@ A minimal nginx config file might look like:
root /var/www/forums;
index index.php;
access_log /var/logs/forums.access.log;
location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|store) {
deny all;
return 403;
}
location ~* \.(gif|jpe?g|png|css)$ {
expires 30d;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/tmp/php.socket;
@@ -117,7 +122,7 @@ Under Database Settings, set the following:
If you use a table prefix other than the standard `phpbb_` you need to add an additional setting to your auth project's settings file, `PHPBB3_TABLE_PREFIX = ''`, and enter the prefix.
You should see `Succesful Connection` and proceed.
You should see `Successful Connection` and proceed.
Enter administrator credentials on the next page.
@@ -140,4 +145,4 @@ You can allow members to overwrite the portrait with a custom image if desired.
![location of change avatar setting](/_static/images/installation/services/phpbb3/avatar_permissions.png)
### Prepare Auth
Once settings have been configured, run migrations and restart gunicorn and celery.
Once settings have been configured, run migrations and restart Gunicorn and Celery.

38
docs/installation/services/smf.md
View File

@@ -1,15 +1,15 @@
# SMF
## Overview
SMF is a free php-based forum.
SMF is a free PHP-based forum.
## Dependencies
SMF requires php installed in your web server. Apache has `mod_php`, NGINX requires `php-fpm`. More details can be found in the [SMF requirements page.](https://download.simplemachines.org/requirements.php)
SMF requires PHP installed in your web server. Apache has `mod_php`, NGINX requires `php-fpm`. More details can be found in the [SMF requirements page.](https://download.simplemachines.org/requirements.php)
## Prepare Your Settings
In your auth project's settings file, do the following:
- Add `'allianceauth.services.modules.smf',` to your `INSTALLED_APPS` list
- Append the following to the bottom of the settings file:
- Append the following to the bottom of the settings file:
# SMF Configuration
@@ -25,15 +25,16 @@ In your auth project's settings file, do the following:
## Setup
### Download SMF
Using your browser, you can download the latest version of SMF to your desktop computer. All SMF downloads can be found at SMF Downloads. The latest recommended version will always be available at http://www.simplemachines.org/download/index.php/latest/install/.
Using your browser, you can download the latest version of SMF to your desktop computer. All SMF downloads can be found at SMF Downloads. The latest recommended version will always be available at http://www.simplemachines.org/download/index.php/latest/install/. Retrieve the file location from the hyperlinked box icon for the zip full install, depending on your browser you may have a Copy Link or similar option in your right click menu.
Download using wget, replacing the url with the url for the package you just retrieved
wget http://download.simplemachines.org/index.php?thanks;filename=smf_2-0-13_install.zip
Download using wget, replacing the URL with the URL for the package you just retrieved
wget https://download.simplemachines.org/index.php?thanks;filename=smf_2-0-15_install.zip
This needs to be unpackaged. Unzip it, replacing the file name with that of the file you just downloaded
unzip smf_2-0-13_install.zip
unzip smf_2-0-15_install.zip
Now we need to move this to our web directory. Usually `/var/www/forums`.
@@ -41,7 +42,14 @@ Now we need to move this to our web directory. Usually `/var/www/forums`.
The web server needs read/write permission to this folder
sudo chown -R www-data:www-data /var/www/forums
Apache: `sudo chown -R www-data:www-data /var/www/forums`
Nginx: `sudo chown -R nginx:nginx /var/www/forums`
```eval_rst
.. tip::
Nginx: Some distributions use the ``www-data:www-data`` user:group instead of ``nginx:nginx``. If you run into problems with permissions try it instead.
..
```
### Database Preparation
SMF needs a database. Create one:
@@ -56,7 +64,7 @@ Enter the database information into the `DATABASES['smf']` section of your auth
### Web Server Configuration
Your web server needs to be configured to serve Alliance Market.
A minimal apache config might look like:
A minimal Apache config might look like:
<VirtualHost *:80>
ServerName forums.example.com
@@ -66,7 +74,7 @@ A minimal apache config might look like:
</Directory>
</VirtualHost>
A minimal nginx config might look like:
A minimal Nginx config might look like:
server {
listen 80;
@@ -74,7 +82,7 @@ A minimal nginx config might look like:
root /var/www/forums;
index app.php;
access_log /var/logs/forums.access.log;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/tmp/php.socket;
@@ -86,9 +94,6 @@ A minimal nginx config might look like:
Enter the web address to your forums into the `SMF_URL` setting in your auth project's settings file.
### Preparing Auth
Once settings are entered, apply migrations and restart gunicorn and celery.
### Web Install
Navigate to your forums address where you will be presented with an installer.
@@ -106,4 +111,7 @@ Under Database Settings, set the following:
If you use a table prefix other than the standard `smf_` you need to add an additional setting to your auth project's settings file, `SMF_TABLE_PREFIX = ''`, and enter the prefix.
Follow the directions in the installer.
Follow the directions in the installer.
### Preparing Auth
Once settings are entered, apply migrations and restart Gunicorn and Celery.

22
docs/installation/services/teamspeak3.md
View File

@@ -1,7 +1,7 @@
# Teamspeak 3
# TeamSpeak 3
## Overview
Teamspeak3 is the most popular VOIP program for gamers.
TeamSpeak3 is the most popular VOIP program for gamers.
But have you considered using Mumble? Not only is it free, but it has features and performance far superior to Teamspeak3.
@@ -12,7 +12,7 @@ Sticking with TS3? Alright, I tried.
In your auth project's settings file, do the following:
- Add `'allianceauth.services.modules.teamspeak3',` to your `INSTALLED_APPS` list
- Append the following to the bottom of the settings file:
# Teamspeak3 Configuration
TEAMSPEAK3_SERVER_IP = '127.0.0.1'
@@ -21,25 +21,25 @@ In your auth project's settings file, do the following:
TEAMSPEAK3_SERVERQUERY_PASSWORD = ''
TEAMSPEAK3_VIRTUAL_SERVER = 1
TEAMSPEAK3_PUBLIC_URL = ''
CELERYBEAT_SCHEDULE['run_ts3_group_update'] = {
'task': 'allianceauth.services.modules.teamspeak3.tasks.run_ts3_group_update',
'schedule': crontab(minute='*/30'),
}
### Download Installer
To install we need a copy of the server. You can find the latest version from [this dl server](http://dl.4players.de/ts/releases/) (Id recommed getting the latest stable version find this version number from the [TeamSpeak site](https://www.teamspeak.com/downloads#)). Be sure to get a link to the linux version.
To install we need a copy of the server. You can find the latest version from [this dl server](http://dl.4players.de/ts/releases/) (Id recommend getting the latest stable version find this version number from the [TeamSpeak site](https://www.teamspeak.com/downloads#)). Be sure to get a link to the Linux version.
Download the server, replacing the link with the link you got earlier.
http://dl.4players.de/ts/releases/3.1.0/teamspeak3-server_linux_amd64-3.1.0.tar.bz2
http://dl.4players.de/ts/releases/3.1.1/teamspeak3-server_linux_amd64-3.1.1.tar.bz2
Now we need to extract the file.
tar -xf teamspeak3-server_linux_amd64-3.1.0.tar.bz2
### Create User
Teamspeak needs its own user.
TeamSpeak needs its own user.
sudo adduser --disabled-login teamspeak
@@ -50,7 +50,7 @@ Now we move the server binary somewhere more accessible and change its ownership
sudo chown -R teamspeak:teamspeak /usr/local/teamspeak
### Startup
Now we generate a startup script so teamspeak comes up with the server.
Now we generate a startup script so TeamSpeak comes up with the server.
sudo ln -s /usr/local/teamspeak/ts3server_startscript.sh /etc/init.d/teamspeak
sudo update-rc.d teamspeak defaults
@@ -68,12 +68,12 @@ Edit the settings you added to your auth project's settings file earlier, enteri
- `TEAMSPEAK3_SERVERQUERY_USER` is `loginname` from that block of text it just spat out (usually `serveradmin`)
- `TEAMSPEAK3_SERVERQUERY_PASSWORD` is `password` from that block of text it just spat out
- `TEAMSPEAK_VIRTUAL_SERVER` is the virtual server ID of the server to be managed - it will only ever not be 1 if your server is hosted by a professional company
- `TEAMSPEAK3_PUBLIC_URL` is the public address of your teamspeak server. Do not include any leading http:// or teamspeak://
- `TEAMSPEAK3_PUBLIC_URL` is the public address of your TeamSpeak server. Do not include any leading http:// or teamspeak://
Once settings are entered, run migrations and restart gunicorn and celery.
Once settings are entered, run migrations and restart Gunicorn and Celery.
### Generate User Account
And now we can generate ourselves a user account. Navigate to the services in AllianceAuth for your user account and press the checkmark for TeamSpeak 3.
And now we can generate ourselves a user account. Navigate to the services in Alliance Auth for your user account and press the checkmark for TeamSpeak 3.
Click the URL provided to automatically connect to our server. It will prompt you to redeem the serveradmin token, enter the `token` from startup.

2
docs/installation/services/xenforo.md
View File

@@ -37,4 +37,4 @@ The settings you created earlier now need to be filled out.
`XENFORO_API_KEY` is the API key value you set earlier.
Once these are entered, run migrations and restart gunicorn and celery.
Once these are entered, run migrations and restart Gunicorn and Celery.